Explanation of the web of trust of PGP

Anyone can generate a PGP key on their own. If you want to know whether a given key really belongs to the person
named in the key, you have to verify that.
This is very easy if you know the person who created the key. But it is difficult if you do not know that person at all.

I will explain how PGP solves this problem.
The main point is the use of certificates. Such a certificate has roughly this meaning:
"I confirm that the signed key belongs to the person named in the UserID field."

Additionally I will point out how PGP determines which keys are valid and which are not,
and also the way PGP handles the trust parameters.

Why to build a web

A problem in every public key system is the authentication of the public key.
An example will show that: I receive an electronically signed email from Germano Caronni.
To verify the signature on his mail, I need his public key.

One way to get his key is to send a mail to pgp-public-keys@keys.pgp.net with the subject
GET caronni@tik.
But is this really his public key? Some other person could have created a key with the
name Germano Caronni. This person could then have sent that key to the keyservers.

I have to check the authenticity of this public
key to see if it really belongs to Germano Caronni.
There are several possibilities to do so:

1. I look up his phone number in an official phone book and call him. On the phone he gives me all the
   properties of his key.
   For this to work I have to know him well enough to identify him by his voice. If I can not identify him by his
   voice, anyone else could claim to be Germano Caronni.

2. I visit him; he shows me his photo identity card and gives me the
   properties of his key.

3. I look for another person who has confirmed that the key of Germano Caronni really belongs to Germano.
   This is what this text explains.

Possibilities 1 and 2 are expensive and perhaps impossible. I will probably not visit someone in another country
just to verify a signature.
The third possibility is very easy because everything can be done electronically.
There is even a tool to do so: the AT&T PathServer.
There I enter the keyID of my PGP key, which is DD934139. Additionally I enter the keyID of Germano's key, which is
7B7AE5E1. The PathServer gives me the following image as a result:

The top circle is my key DD934139; the key at the bottom of the picture is Germano's key 7B7AE5E1.
An arc from A to B stands for an electronic signature on key B, made by A.

From the picture I can read: Marcel Waldvogel confirms that the key 7B7AE5E1 really belongs to Germano Caronni, because
he has signed Germano's key.
I have signed the key of Marcel Waldvogel and thereby confirm that the key AB96E86D belongs to him.
There is another path from my key to Germano's key via the ct'magazin and Hanno Wagner.

To be able to verify such paths it is very important that everyone signs the keys
of others and submits these signatures to the keyservers. This way others can also benefit
from such signatures.
All these signatures together form a kind of web. That's why this is called the web of trust.

The paths between two keys should be as short as possible. These paths are chains of
confirmations. The longer the path between my key and Germano's key gets, the less sure I am about the authenticity
of his key.
Paths which share no common key between the starting key and the last key are called disjoint paths.
It is important to have as many disjoint paths as possible. The more disjoint paths there are between two keys, the lower the
probability that someone can fake a confirmation chain by issuing a wrong signature.

You can give any key in your keyring a certain trust level. This trust level tells PGP how much you trust key certificates
made with this key. The lower the trust value, the more key certificates are necessary to validate a key.

trust value   meaning of this trust value
-----------   ---------------------------------------------------------------------
untrusted     Key certificates made with this key are ignored.

marginal      At least 2 keys with marginal trust have to sign another (third) key
              to make this third key a valid key.

complete      At least one key with complete trust has to sign another key to make
              that key valid.

ultimate      If you have the secret key for a public key, this key is ultimately
              trusted. Every key you sign with an ultimately trusted key becomes valid.

The number of key certificates needed to make a key valid is taken from PGP 5.x (5.0 and 5.5) for Windows.
With the Unix version of PGP you can set these values yourself in the configuration file.
The default values of PGP 2.6 are 2 and 4.
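As an added example (not code from the original page and not PGP's own implementation), the following Python computes which keys in a small keyring are valid from the trust levels and certificates, following the rules in the table above: a key becomes valid once an ultimately trusted key, one completely trusted valid key, or two marginally trusted valid keys have signed it, and only certificates from keys that are themselves valid count. The keyring is constructed from the two paths in the PathServer picture; the keyIDs of the ct'magazin and Hanno Wagner keys are placeholders, and the thresholds are the Windows numbers from the table.

```python
from collections import defaultdict

# Trust the keyring owner assigns to a key as an introducer (signer of other keys).
UNTRUSTED, MARGINAL, COMPLETE, ULTIMATE = 0, 1, 2, 3
# Thresholds from the table above (set in the configuration file on Unix PGP).
COMPLETES_NEEDED, MARGINALS_NEEDED = 1, 2


def compute_validity(trust, signatures):
    """Return the set of valid key IDs.
    trust: {key_id: trust level}; signatures: (signer, signed) certificate pairs.
    A key is valid if ultimately trusted, or if certificates from introducers
    that are themselves valid reach a threshold. Since an introducer's validity
    may depend on other keys, iterate until nothing changes.
    """
    signers_of = defaultdict(set)
    for signer, signed in signatures:
        if signer != signed:  # a self-signature proves nothing about ownership
            signers_of[signed].add(signer)
    valid = {k for k, t in trust.items() if t == ULTIMATE}
    changed = True
    while changed:
        changed = False
        for key in trust:
            if key in valid:
                continue
            usable = [s for s in signers_of[key] if s in valid]  # only valid introducers count
            completes = sum(trust[s] >= COMPLETE for s in usable)  # ultimate counts as complete
            marginals = sum(trust[s] == MARGINAL for s in usable)
            if completes >= COMPLETES_NEEDED or marginals >= MARGINALS_NEEDED:
                valid.add(key)
                changed = True
    return valid


# Constructed keyring following the two paths in the PathServer picture. The keyIDs
# of the ct'magazin and Hanno Wagner keys are not on the page, so these are placeholders.
ME, MARCEL, GERMANO = "DD934139", "AB96E86D", "7B7AE5E1"
CT, HANNO = "CTMAG000", "HANNO000"
SIGNATURES = [(ME, MARCEL), (MARCEL, GERMANO), (ME, CT), (CT, HANNO), (HANNO, GERMANO)]


def validity_for(marcel_trust, hanno_trust):
    """Valid keys when Marcel's and Hanno's keys get the given introducer trust."""
    trust = {ME: ULTIMATE, MARCEL: marcel_trust, CT: COMPLETE,
             HANNO: hanno_trust, GERMANO: UNTRUSTED}
    return compute_validity(trust, SIGNATURES)


if __name__ == "__main__":
    print(GERMANO in validity_for(COMPLETE, MARGINAL))   # True: one complete introducer
    print(GERMANO in validity_for(MARGINAL, MARGINAL))   # True: two marginal introducers
    print(GERMANO in validity_for(MARGINAL, UNTRUSTED))  # False: only one marginal
```

The third case shows why a single marginal signer is not enough: Germano's key stays invalid even though Hanno's key is itself valid, because Hanno's signatures are ignored as long as his key is untrusted.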

The trust values and the validity of the keys can be determined as follows:

PGP 5.x (Windows)

PGPKeys.exe has two columns, Validity and Trust, where it shows the values graphically.

PGP 5.x (Unix)

pgpk -c verifies all signatures and shows the values for every key in the keyring.

PGP 2.x.x

pgp -km shows the values. pgp -kc verifies all signatures and should be called before using pgp -km.